package org.example.config;

import org.example.handler.MyAuthenticationFailureHandler;
import org.example.handler.MyAuthenticationSuccessHandler;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
public class SecurityConfiguration {

//    @Bean
//    public UserDetailsService userDetailsService() {
//        return new MyUserDetailsService();
//    }



    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(requests -> requests
                        .anyRequest().authenticated())
                // 使用自定义的handler
                // 将返回一个json数据，并不会在转发页面，因为默认的转发页面已经被覆盖
                .formLogin(form->form
                        .successHandler(new MyAuthenticationSuccessHandler())
                        .failureHandler(new MyAuthenticationFailureHandler())
                )
                .csrf(csrf -> csrf.disable());

        return http.build();
    }



    // 加密算法,加了个这个算法只有，{noop}就失效了
//    @Bean
//    public BCryptPasswordEncoder passwordEncoder() {
//        return new BCryptPasswordEncoder();
//    }

}
